General

  • Target

    9cbd3aef3e74b28384effb4736387bce

  • Size

    1.4MB

  • Sample

    231222-qg1c2sfbcl

  • MD5

    9cbd3aef3e74b28384effb4736387bce

  • SHA1

    733cb94a2709d263d6bc22066f72132e4909ab35

  • SHA256

    9ad403b47ecb73f7d51abdec090cde4278d50753e2d15273cb144c5c0302afba

  • SHA512

    51b49d1792a58aab629eb7e17835686ca8341c3e7b1151dd748092ca91d26c118426f99ca3414b26a9f1a7ffd3da4539e3a1c368df859d483c0eace88e35e936

  • SSDEEP

    12288:UVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:RfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Target

      9cbd3aef3e74b28384effb4736387bce

    • Size

      1.4MB

    • MD5

      9cbd3aef3e74b28384effb4736387bce

    • SHA1

      733cb94a2709d263d6bc22066f72132e4909ab35

    • SHA256

      9ad403b47ecb73f7d51abdec090cde4278d50753e2d15273cb144c5c0302afba

    • SHA512

      51b49d1792a58aab629eb7e17835686ca8341c3e7b1151dd748092ca91d26c118426f99ca3414b26a9f1a7ffd3da4539e3a1c368df859d483c0eace88e35e936

    • SSDEEP

      12288:UVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:RfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks